Google May Face Fines for Not Answering Watchdog Concerns

Feb. 18 (Bloomberg) -- Google Inc. may be fined by European
Union data-protection agencies after failing to meet a deadline
to say how it will bring its privacy policy in line with EU
rules.

Google hasn’t provided “any precise and effective”
responses to EU data-protection regulators’ recommendations,
France’s National Commission for Computing and Civil Liberties,
or CNIL, said in a statement today.

EU regulators “are determined to act and continue their
investigations” and take “repressive action” by summer, CNIL
said, without defining what that may entail. CNIL led the probe
on behalf of the other EU privacy agencies.

Google, operator of the world’s largest search engine,
faces privacy investigations by authorities around the world as
it debuts new services and steps up competition with Facebook
Inc. for users and advertisers. Google changed its system to
create a uniform set of policies for more than 60 products last
year, unleashing criticism from regulators and consumer
advocates concerned it isn’t protecting data it collects.

“Our privacy policy respects European law and allows us to
create simpler, more effective services,” Mountain View,
California-based Google said in an e-mailed statement today.
“We have engaged fully with the CNIL throughout this process
and we’ll continue to do so going forward.”

Already Answered

Google also said it responded to the October letter on Jan.
8, listing changes already made to improve the privacy
protections, and sought a meeting to discuss their findings. It
said it hasn’t heard back.

Earlier in this affair, Google and CNIL disagreed over the
quality of the company’s responses to data-protection concerns.
Google twice defied requests to delay its March 1 start date to
implement the streamlined privacy policy until CNIL could review
it. Google then provided what CNIL called “often incomplete”
information in response to a list of 69 questions, earning a
rebuke in May and more questions.

CNIL complained again about Google’s “unsatisfactory”
responses to its queries in October, giving Google until this
month to fix the policy. CNIL could levy fines should Google
fail to comply, Chairwoman Isabelle Falque-Pierrotin said,
calling it “probable” that other European agencies would
pursue Google if it doesn’t address the issues.

Small Fines

CNIL’s fining powers pale in comparison with Google’s
financial might. The company earned more than $10 billion last
year and CNIL’s heaviest fine to date was 100,000 euros
($134,000) -- against Google in 2011 for breaches related to its
Street View mapping service.

And while CNIL said today that other EU data-protection
watchdogs could also pursue Google, not all of them have fining
powers. Regulators in the U.K., Ireland and Austria, which is
one that can’t levy financial penalties, said in October they
would first see how Google reacts to the letter before
considering any other actions.

EU Justice Commissioner Viviane Reding proposed changing
the bloc’s almost 18-year-old data-protection rules and how
they’re administered to toughen protections and make things
simpler for companies, putting them under one regulator rather
than potentially facing multiple inquiries on the same subject,
as Google faced on Street View.

In the meantime, agencies are striving to coordinate
actions to speak with one voice and minimize redundant efforts.
CNIL’s work conducting one investigation into a Europe-wide
question on Google and the letter signed by 27 European data
protection authorities marks the first time this happened.